US5796837A - Apparatus and method for generating a secure substitution-box immune to cryptanalyses - Google Patents

Apparatus and method for generating a secure substitution-box immune to cryptanalyses Download PDF

Info

Publication number
US5796837A
US5796837A US08/780,143 US78014396A US5796837A US 5796837 A US5796837 A US 5796837A US 78014396 A US78014396 A US 78014396A US 5796837 A US5796837 A US 5796837A
Authority
US
United States
Prior art keywords
box
substitution
condition
boxes
satisfied
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
US08/780,143
Other languages
English (en)
Inventor
Kwang Jo Kim
Sang Jin Lee
Sang Joon Park
Seung Cheol Goh
Dai Ki Lee
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Electronics and Telecommunications Research Institute ETRI
Original Assignee
Electronics and Telecommunications Research Institute ETRI
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Electronics and Telecommunications Research Institute ETRI filed Critical Electronics and Telecommunications Research Institute ETRI
Assigned to ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE reassignment ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: GOH, SEUNG CHEOL, KIM, KWANG JO, LEE, DAI KI, LEE, SANG JIN, PARK, SANG JOON
Application granted granted Critical
Publication of US5796837A publication Critical patent/US5796837A/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0625Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08Randomization, e.g. dummy operations or using noise

Definitions

  • This invention relates to an apparatus and method for generating a substitution-box which can be used in a DES (Data Encryption Standard), which is well known as a data security standard system all over the world, more particulary to an apparatus and method for generating a secure substitution-box immune to both differential cryptanalysis and linear cryptanalysis.
  • DES Data Encryption Standard
  • an apparatus for generating a secure substitution-box immune to differential and linear crypt analyses comprises a preprocessor for exchanging a location by the unit of bit while passing the input of 64 bits data to be protected; a parity checker for obtaining 56 bits key information by passing the input of the 64 bits key by byte unit; a key expander for repetitive operation for generating 48 bits information upon receiving the key information; a first to sixteenth operating portion for performing the 16 times of operation for one data from the preprocessor while mixing the data with an expanding key information from the key expander; and a postprocessor for generating an output signal of 64 bits data upon receiving an operated result from the first to sixteenth operating portion.
  • a method for generating a secure substitution-box comprises a first step of checking whether the condition that S(x) should not be equal to S(x ⁇ (11 efg0)) with respect to a value of any efg and all of 6 bits input for any substitution-box is satisfied or not; and a second step of, if it is determined that the condition is satisfied at the first step, selecting and outputting the satisfied substitution-box, if it is determinded that the condition is not satisfied at the first step, selecting and outputting the non-satisfied substitution-box.
  • a method for generating a secure substitution-box comprises determining whether the corresponding condition (D1) of the apparatus for generating the secure substitution-box immune to linear cryptanalysis and then outputting a satisfied substitution-box.
  • FIG. 1 is a schematic diagram of a general information security system to which this invention is applicable.
  • FIG. 2 is a schematic diagram of a block encryption system in the form of DES to which this invention is applicable.
  • FIG. 3 is a schematic diagram of a repetition operating portion in DES to which this invention is applicable.
  • FIG. 4 is a schematic diagram of a substitution-box of the repetition operating portion in DES to which this invention is applicable.
  • FIG. 5 is an exemplary view of the substitution-box.
  • FIG. 6 is a flowchart for illustrating a D1 condition check.
  • FIG. 7 is a flowchart for illustrating an L1 condition check.
  • FIG. 8 is a flowchart for illustrating an L2 condition check.
  • FIG. 9 is a flowchart for illustrating an L3 condition check.
  • FIGS. 10A and 10B are flowcharts for illustrating an L4 condition check.
  • FIG. 11 is a flowchart for illustrating an L5 condition check.
  • FIG. 12 is a flowchart for illustrating an L6 condition check.
  • FIGS. 13A and 13B are flowcharts for illustrating the generation of 8 substitution-boxes according to the present invention.
  • FIGS. 14A to 14H are exemplary views of 8 substitution-boxes generated, according to the present invention.
  • FIG. 1 shows a schematic diagram of a general information security system to which the present invention is applicable.
  • the information in the form of plain text 101 stored in the computer is subject to the transformation into encryption 102 for creating an encrypted text by use of a key 103 transmitted in advance over a secure communication path 107 between a transmitter and a receiver and then is transmitted to the other party desired for communication.
  • a third party rather than an authorized transceiver may intercept the encrypted text at his disposal, he can not restore an original information legitimately because he does not know the key information.
  • the receiver who had the key information previously delivered to his own can perform the transformation into decryption 105 as an inverse transformation of the transformation into encryption to obtain a decrypted text identical with the original plain text.
  • FIG. 2 shows the known DES algorithm to which this invention is applicable. A description about the operation of the system is below.
  • An input of DES is a 64 bits data input 201 to be protected and a 64 bits key input information 202 delivered legitimately and an oupput of DES is a transformed encryted text 208.
  • the 64 bits data input 201 is exchanged in the location of the bits by bit unit while passing a preprocessor 203.
  • the 64 bits key input 202 passes by byte unit through a parity checker 209 to obtain a substantial key information with 56 bits and then this obtained information provides 48 bits used every repetition operation via a key expander 210 for repetition operation which generates 48 bits information used in a repetitive operating portion.
  • the data preprocessed above is processed with mixed by being the 48-bit expanded key information 16 times through a first operating portion 204, a second operating portion 205, . . . , to a sixteenth operating portion 206.
  • B2 operating portions divide 64 bits into two 32 bits halves. The 32 bits information in right-side of the two being 32 bits output through the repetition operating portion to be described below, and the 32 bits information in left-side of the two being subject to the operation of the exclusive or sum by bit unit and exchanging the information of 32 bit unit to again be the input of the next repetition operating portion.
  • the transformation into the encryption is essentially equal to the transformation into the decryption but may use an expanded key information in a reverse order.
  • FIG. 3 shows a schematic diagram of the repetition operating portion used in the present invention.
  • the 32 bits input 301 of the repetition operating portion is expanded to 48 bits by a 32 to 48 expander 302.
  • the 32 bits input is a1, a2, . . . , a32
  • these bits become a32 , a1, a2, . . . , a5, a6, a5, a6, a7, . . . , a31, a32 to be 48 bits.
  • the 48 bits information is subject to the operation of the Exclusive OR with the expanded key 304 with 48 bits for the repetition operation by bit unit and then the result is divided into eight by the unit of 6 bits. Thereafter, each 6 bits is inputted to a first substitution-box 305, a second substitution-box 306, . . . , an eighth substitution-box 307, respectively and then outputted as 4 bits unit from the respective substitution-boxes. These eight 4 bits units are combined each other to obtain 32 bits information and then pass through a location exchanger 308 by bit unit to obtain an output 309 of the 32 bits repetition operating portion.
  • FIG. 4 shows a schematic diagram of a substitution-box to which the present invention is applicable.
  • Eight substitution-boxes have identical structure, each being formed of four substitution tables 403 with integer numbers from 0 to 15 as elements.
  • bit b0 and b5 of 6 bits input, b0, b1, . . . , b5 are combined to select an input 401 among four substitution tables 403 and the middle 4 bits, i.e., b1, b2, b3, b4 of 6 bits input designates an address of one substitution table value of four substitution table, thereby outputting a stored value therein.
  • FIG. 5 illustrates one of the existing 8 6 ⁇ 4 substitution-boxes in DES.
  • an input is 100011 in binary number
  • bit b0 and b5 are combined to be 11 in binary number and 3 in decimal number. Accordingly, a third row 501 is selected. Then, because the middle 4 bits 0001 of the input is 1 in decimal number, the first value 502 of the third substitution table is read out to be outputted as 12 in decimal number, i.e., 1100 in binary number.
  • substitution-box is expressed in a mathemical symbol, it is S(x): Z 2 6 A ⁇ Z 2 4 which plays the most inportant role in DES.
  • FIG. 6 shows a flowchart for checking the condition D1 related the differential cryptanalysis.
  • a condition should be given such that the change of the input of all 8 substitution-boxes causes the change of their output.
  • S(x) should be not equal to S(x ⁇ (11 efg 0)) (step 607) and a substitution-box for which this condition is satisfied are chosen (step 614).
  • the first step of the linear cryptanalysis method is to compute a linear distribution table of the substitution-box. If 6 bits input and 4 bits output which are masked are indicated as ⁇ and ⁇ , respectively, a linear distribution table NS( ⁇ , ⁇ ) is defined for any substitution-box S(x) as follows:
  • FIG. 7 shows a flowchart for checking an L1 condition as one of the condition required to generate a secure substitution-box immune to the linear cryptanalysis. More specifically, any random 6 ⁇ 4 substitution-box is read out (step 702) and then its linear distribution table is calculated (step 703). Thereafter, if it is determined that m is less than 16, a 6 ⁇ 4 substitution-box for which L1 condition is satisfied is outputted (step 705), if it is determined that m exceeds the maximum value 16, a substitution-box for which the L1 condition is not satisfied is outputted (step 706).
  • FIG. 8 shows a flowchart for checking an L2 condition as one of the condition required to generate a secure substitution-box immune to the linear cryptanalysis. More specifically, for a and b with the count of 1 less than two on the linear distribution table (step 803) of any substitution-box (step 802), as a condition to minimize a linear repetition characteristics, if it is determined that an absolute value of the linear distribution table,
  • FIG. 9 shows a flowchart for checking an L3 condition as one of the conditions required to generate a secure substitution-box immune to the linear cryptanalysis.
  • FIGS. 10A and 10B show flowcharts for checking an L4 condition as one of the conditions required to generate a secure substitution-box immune to the linear cryptanalysis.
  • NS1(a, b) for any substitution box is calculated (step 1007), and if it is determined that values of NS1 (4, 4) and NS1 (2, 2) of the 8 substitution-boxes are 0(step 1011), a first substitution-box for which the L4 condition is satisfied is outputted (step 1015).
  • NS2(a, b) for any substitution box is calculated (step 1008), and if it is determined that values of NS2(4, 4) and NS2(2, 1) of the 8 substitution-boxes are 0(step 1012), a second substitution-box for which the L4 condition is satisfied is outputted (step 1016).
  • NS3(a, b) for any substitution box is calculated (step 1009), and if it is determined that values of NS 3 (8, 4) and NS3 (4, 8) of the 8 substitution-boxes are 0(step 1013), a third substitution-box for which the L4 condition is satisfied is outputted (step 1017).
  • NS4(a, b) for any substitution box is calculated (step 1010), and if it is determined that values of NS4(8, 4) and NS4(2, 2) of the 8 substitution-boxes are 0(step 1014), a fourth substitution-box for which the L4 condition is satisfied is outputted (step 1018).
  • NS5(a, b) for any substitution box is calculated (step 1023), and if it is determined that values of NS5 (16, 1) and NS5 (8, 8) of the 8 substitution-boxes are 0(step 1027), a fifth substitution-box for which the L4 condition is satisfied is outputted (step 1031).
  • NS6(a, b) for any substitution box is calculated (step 1024), and if it is determined that values of NS6(16, 4) and NS6(4, 8) of the 8 substitution-boxes are 0(step 1028), a sixth substitution-box for which the L4 condition is satisfied is outputted (step 1032).
  • NS7(a, b) for any substitution box is calculated (step 1035), and if it is determined that values of NS7 (4, 8) and NS7 (2, 1) of the 8 substitution-boxes are 0(step 1029), a seventh substitution-box for which the L4 condition is satisfied is outputted (step 1033).
  • NS8(a, b) for any substitution box is calculated (step 1026), and if it is determined that values of NS8(16, 1) and NS8(2, 4) of the 8 substitution-boxes are 0(step 1030), an eighth substitution-box for which the L4 condition is satisfied is outputted (step 1034).
  • FIG. 11 shows a flowchart for checking a special condition (L5) for generating the fifth substitution-box and the eighth substitution-box to minimize the linear repetition characteristics.
  • L5 special condition
  • the linear distribution tables NSj (a, b) of the fifth and eighth substitution-boxes are calculated (step 1103) and a value of exclusive OR of a with an input mask value of 16 (step 1104) and two output mask values b1 and b2 is 1, if it is determined that an absolute value of the multiplication of NSj (a, b1) and NSj(a, b2) is less than 48 (step 1105), the fifth and eighth substitution-boxes for which the L5 condition is satisfied is outputted (step 1106).
  • FIG. 12 shows a flowchart for checking a special condition (L6) for generating the sixth substitution-box to minimize the linear repetition characteristics.
  • L6 special condition
  • FIGS. 13A and 13B show flowcharts for illustrating the generation of 8 substitution-boxes according to the present invention.
  • random substitution is produced (step 1303) and then four substitutions are selected so that a sufficient number of a candidate substitution box is generated (step 1304).
  • substitution-boxes For each of substitution-box, individual substitution-boxes for which the D1 condition (step 1305), the L1 condition (step 1306), the L2 condition (step 1307), and the L3 condition (step 1308) are satisfied are generated. Then, substitution-boxes for which the L5 condition (step 1309) and the L6 condition (step 1310) are satisfied is generated as candidates of the fifth, sixth, and eighth substitution-boxes. Finally, by checking the L4 condition (step 1311), each of 8 substitution-boxes is generated (step 1312).
  • FIGS. 14A to 14H show exemplary views of 8 substitution-boxes generated, according to the present invention.
  • the differential cryptanalysis and the linear cryptanalysis are not applicable to DES.
  • substitution-boxes to be inserted are used in individualization, an individual security system is constructed so that a variety of the system is realized.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Executing Machine-Instructions (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Error Detection And Correction (AREA)
US08/780,143 1995-12-26 1996-12-26 Apparatus and method for generating a secure substitution-box immune to cryptanalyses Expired - Fee Related US5796837A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1019950056850A KR0153758B1 (ko) 1995-12-26 1995-12-26 입출력 변화 공격과 선형 공격에 안전한 대치회로 생성기 및 생성방법
KR95-56850 1995-12-26

Publications (1)

Publication Number Publication Date
US5796837A true US5796837A (en) 1998-08-18

Family

ID=19444547

Family Applications (1)

Application Number Title Priority Date Filing Date
US08/780,143 Expired - Fee Related US5796837A (en) 1995-12-26 1996-12-26 Apparatus and method for generating a secure substitution-box immune to cryptanalyses

Country Status (2)

Country Link
US (1) US5796837A (ko)
KR (1) KR0153758B1 (ko)

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6031911A (en) * 1996-07-18 2000-02-29 Entrust Technologies, Ltd. Practical S box design
DE19845073A1 (de) * 1998-09-30 2000-04-06 Siemens Ag Verfahren zur Absicherung der DES-Verschlüsselung gegen Ausspähung der Schlüssel durch Analyse der Stromaufnahme des Prozessors
WO2001008012A1 (en) * 1999-07-26 2001-02-01 Motorola Inc. Method and apparatus for preventing information leakage attacks on a microelectronic assembly
US20010019610A1 (en) * 2000-01-26 2001-09-06 Takeshi Shimoyama Method and apparatus for designing cipher logic, and a computer product
US20020021802A1 (en) * 2000-07-12 2002-02-21 Hirofumi Muratani Encryption apparatus, decryption appatatus, expanded key generating apparatus and method therefor, and recording medium
US20020027987A1 (en) * 2000-07-04 2002-03-07 Roelse Petrus Lambertus Adriaanus Substitution-box for symmetric-key ciphers
US20020061107A1 (en) * 2000-09-25 2002-05-23 Tham Terry K. Methods and apparatus for implementing a cryptography engine
US20020078342A1 (en) * 2000-09-25 2002-06-20 Broadcom Corporation E-commerce security processor alignment logic
US20030068038A1 (en) * 2001-09-28 2003-04-10 Bedros Hanounik Method and apparatus for encrypting data
US20030118190A1 (en) * 1998-05-29 2003-06-26 Siemens Aktiengesellschaft Method and apparatus for processing data where a part of the current supplied is supplied to an auxiliary circuit
US7076059B1 (en) * 2002-01-17 2006-07-11 Cavium Networks Method and apparatus to implement the data encryption standard algorithm
US7103180B1 (en) * 2001-10-25 2006-09-05 Hewlett-Packard Development Company, L.P. Method of implementing the data encryption standard with reduced computation
US7187769B1 (en) * 1998-06-02 2007-03-06 Nippon Telegraph And Telephone Public Corporation Method and apparatus for evaluating the strength of an encryption
US7292693B1 (en) * 1998-08-13 2007-11-06 Teledyne Technologies Incorporated Deterministically generating block substitution tables which meet a given standard of nonlinearity
US7477741B1 (en) 2004-10-01 2009-01-13 The United States Of America As Represented By The Administrator Of The National Aeronautics And Space Administration Analysis resistant cipher method and apparatus
US20110129085A1 (en) * 2009-12-01 2011-06-02 Samsung Electronics Co., Ltd. Cryptographic device for implementing s-box
US20160065361A1 (en) * 2014-08-28 2016-03-03 Samsung Electronics Co., Ltd. Endecryptor preventing side channel attack, driving method thereof and control device having the same

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3958081A (en) * 1975-02-24 1976-05-18 International Business Machines Corporation Block cipher system for data security
US3962539A (en) * 1975-02-24 1976-06-08 International Business Machines Corporation Product block cipher system for data security
US4275265A (en) * 1978-10-02 1981-06-23 Wisconsin Alumni Research Foundation Complete substitution permutation enciphering and deciphering circuit
US5231662A (en) * 1989-08-01 1993-07-27 Tulip Computers International B.V. Method and device for enciphering data to be transferred and for deciphering the enciphered data, and a computer system comprising such a device
US5237611A (en) * 1992-07-23 1993-08-17 Crest Industries, Inc. Encryption/decryption apparatus with non-accessible table of keys
US5317638A (en) * 1992-07-17 1994-05-31 International Business Machines Corporation Performance enhancement for ANSI X3.92 data encryption algorithm standard
US5473693A (en) * 1993-12-21 1995-12-05 Gi Corporation Apparatus for avoiding complementarity in an encryption algorithm
US5511123A (en) * 1994-08-04 1996-04-23 Northern Telecom Limited Symmetric cryptographic system for data encryption

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3958081A (en) * 1975-02-24 1976-05-18 International Business Machines Corporation Block cipher system for data security
US3962539A (en) * 1975-02-24 1976-06-08 International Business Machines Corporation Product block cipher system for data security
US4275265A (en) * 1978-10-02 1981-06-23 Wisconsin Alumni Research Foundation Complete substitution permutation enciphering and deciphering circuit
US5231662A (en) * 1989-08-01 1993-07-27 Tulip Computers International B.V. Method and device for enciphering data to be transferred and for deciphering the enciphered data, and a computer system comprising such a device
US5317638A (en) * 1992-07-17 1994-05-31 International Business Machines Corporation Performance enhancement for ANSI X3.92 data encryption algorithm standard
US5237611A (en) * 1992-07-23 1993-08-17 Crest Industries, Inc. Encryption/decryption apparatus with non-accessible table of keys
US5473693A (en) * 1993-12-21 1995-12-05 Gi Corporation Apparatus for avoiding complementarity in an encryption algorithm
US5511123A (en) * 1994-08-04 1996-04-23 Northern Telecom Limited Symmetric cryptographic system for data encryption

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6031911A (en) * 1996-07-18 2000-02-29 Entrust Technologies, Ltd. Practical S box design
US20030118190A1 (en) * 1998-05-29 2003-06-26 Siemens Aktiengesellschaft Method and apparatus for processing data where a part of the current supplied is supplied to an auxiliary circuit
US7187769B1 (en) * 1998-06-02 2007-03-06 Nippon Telegraph And Telephone Public Corporation Method and apparatus for evaluating the strength of an encryption
US7292693B1 (en) * 1998-08-13 2007-11-06 Teledyne Technologies Incorporated Deterministically generating block substitution tables which meet a given standard of nonlinearity
DE19845073A1 (de) * 1998-09-30 2000-04-06 Siemens Ag Verfahren zur Absicherung der DES-Verschlüsselung gegen Ausspähung der Schlüssel durch Analyse der Stromaufnahme des Prozessors
DE19845073C2 (de) * 1998-09-30 2001-08-30 Infineon Technologies Ag Verfahren zur Absicherung der DES-Verschlüsselung gegen Ausspähung der Schlüssel durch Analyse der Stromaufnahme des Prozessors
WO2001008012A1 (en) * 1999-07-26 2001-02-01 Motorola Inc. Method and apparatus for preventing information leakage attacks on a microelectronic assembly
US6295606B1 (en) * 1999-07-26 2001-09-25 Motorola, Inc. Method and apparatus for preventing information leakage attacks on a microelectronic assembly
US20010019610A1 (en) * 2000-01-26 2001-09-06 Takeshi Shimoyama Method and apparatus for designing cipher logic, and a computer product
US7346161B2 (en) * 2000-01-26 2008-03-18 Fujitsu Limited Method and apparatus for designing cipher logic, and a computer product
US7043016B2 (en) * 2000-07-04 2006-05-09 Koninklijke Philips Electronics N.V. Substitution-box for symmetric-key ciphers
US20020027987A1 (en) * 2000-07-04 2002-03-07 Roelse Petrus Lambertus Adriaanus Substitution-box for symmetric-key ciphers
US7194090B2 (en) * 2000-07-12 2007-03-20 Kabushiki Kaisha Toshiba Encryption apparatus, decryption apparatus, expanded key generating apparatus and method therefor, and recording medium
US20020021802A1 (en) * 2000-07-12 2002-02-21 Hirofumi Muratani Encryption apparatus, decryption appatatus, expanded key generating apparatus and method therefor, and recording medium
US7555121B2 (en) 2000-09-25 2009-06-30 Broadcom Corporation Methods and apparatus for implementing a cryptography engine
US20020061107A1 (en) * 2000-09-25 2002-05-23 Tham Terry K. Methods and apparatus for implementing a cryptography engine
US20020078342A1 (en) * 2000-09-25 2002-06-20 Broadcom Corporation E-commerce security processor alignment logic
US20030068038A1 (en) * 2001-09-28 2003-04-10 Bedros Hanounik Method and apparatus for encrypting data
US7103180B1 (en) * 2001-10-25 2006-09-05 Hewlett-Packard Development Company, L.P. Method of implementing the data encryption standard with reduced computation
US7076059B1 (en) * 2002-01-17 2006-07-11 Cavium Networks Method and apparatus to implement the data encryption standard algorithm
US7477741B1 (en) 2004-10-01 2009-01-13 The United States Of America As Represented By The Administrator Of The National Aeronautics And Space Administration Analysis resistant cipher method and apparatus
US20110129085A1 (en) * 2009-12-01 2011-06-02 Samsung Electronics Co., Ltd. Cryptographic device for implementing s-box
US8750497B2 (en) * 2009-12-01 2014-06-10 Samsung Electronics Co., Ltd. Cryptographic device for implementing S-box
US9344273B2 (en) 2009-12-01 2016-05-17 Samsung Electronics Co., Ltd. Cryptographic device for implementing S-box
US20160065361A1 (en) * 2014-08-28 2016-03-03 Samsung Electronics Co., Ltd. Endecryptor preventing side channel attack, driving method thereof and control device having the same
US10291390B2 (en) 2014-08-28 2019-05-14 Samsung Electronics Co., Ltd. Endecryptor preventing side channel attack, driving method thereof and control device having the same

Also Published As

Publication number Publication date
KR970049698A (ko) 1997-07-29
KR0153758B1 (ko) 1998-11-16

Similar Documents

Publication Publication Date Title
US5796837A (en) Apparatus and method for generating a secure substitution-box immune to cryptanalyses
AU635466B2 (en) Method of cryptographically transforming electronic digital data from one form to another
US5623549A (en) Cipher mechanisms with fencing and balanced block mixing
US5222139A (en) Cryptographic method and apparatus
Lubbe Basic methods of cryptography
EP0839418B1 (en) Cryptographic method and apparatus for non-linearly merging a data block and a key
Lai et al. A proposal for a new block encryption standard
Lai On the design and security of block ciphers
US5365589A (en) Method and apparatus for encryption, decryption and authentication using dynamical systems
EP1303941B1 (en) Substitution-box for symmetric-key ciphers
Bishop Introduction to Cryptography with java Applets
GB2285562A (en) Transformation pattern generating device and encryption function device
EP1307993B1 (en) Linear transformation for symmetric-key ciphers
JPH07334081A (ja) デジタル式カオス信号による情報の隠蔽・復号化方法および装置
Lee et al. Cryptanalysis of SOSEMANUK and SNOW 2.0 using linear masks
JP2000511755A (ja) バイナリーコード情報を暗号化する方法
EP1351430B1 (en) Expansion key generating device, encryption device and encryption system
Robshaw Block ciphers
Preneel et al. Key recovery attack on ANSI X9. 19 retail MAC
WO1994021066A1 (en) A method and apparatus for generating a digital message authentication code
Shahapure et al. Variation and security enhancement of block ciphers by embedding
US5764771A (en) Method for processing a digital signal in a so-called secure communication system and use of this method for access control and/or binary signature
Young et al. Backdoor attacks on black-box ciphers exploiting low-entropy plaintexts
Simmons Symmetric and asymmetric encryption
Helmy et al. A metamorphic-enhanced mars block cipher

Legal Events

Date Code Title Description
AS Assignment

Owner name: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTIT

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:KIM, KWANG JO;LEE, SANG JIN;PARK, SANG JOON;AND OTHERS;REEL/FRAME:008607/0340

Effective date: 19970111

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

FPAY Fee payment

Year of fee payment: 4

FPAY Fee payment

Year of fee payment: 8

REMI Maintenance fee reminder mailed
LAPS Lapse for failure to pay maintenance fees
STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20100818